CVE-2023-40277

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...

CVE-2022-26959

There are two full read/write Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of the processlogin.jsp page in the /northstar/Portal/ directory and the userID parameter of the login.jsp pag...

EUVD-2025-37396

A vulnerability was identified in LogicalDOC Community Edition up to 9.2.1. This vulnerability affects unknown code of the file /login.jsp of the component Admin Login Page. Such manipulation leads to improper restriction of excessive authentication attempts. The attack can be executed remotely...

LogicalDOC Community Edition 安全漏洞

LogicalDOC Community Edition is a documentation system from LogicalDOC Italy. A security vulnerability exists in LogicalDOC Community Edition 9.2.1 and earlier versions, which stems from an improperly restricted authentication attempt in the file /login.jsp, which could lead to a remote brute-for...

EUVD-2010-0742

Malware in sbrugna...

EUVD-2022-31503

Malicious code in bioql PyPI...

CVE-2020-17453

WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter...

Yonyou UFIDA ERP-NC /login.jsp file cross-site scripting vulnerability

Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...

CVE-2025-2709

A vulnerability has been found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This vulnerability affects unknown code of the file /login.jsp. The manipulation of the argument key/redirect leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

CVE-2025-2709

A vulnerability has been found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This vulnerability affects unknown code of the file /login.jsp. The manipulation of the argument key/redirect leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

CVE-2025-2709 Yonyou UFIDA ERP-NC login.jsp cross site scripting

A vulnerability has been found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This vulnerability affects unknown code of the file /login.jsp. The manipulation of the argument key/redirect leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

PT-2025-12678 · Yonyou · Yonyou Ufida Erp-Nc

Name of the Vulnerable Software and Affected Versions: Yonyou UFIDA ERP-NC version 5.0 Description: A problematic issue has been identified, affecting the /login.jsp file. The manipulation of the key/redirect argument leads to cross-site scripting. This issue can be initiated remotely...

CVE-2024-24507

Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component...

PT-2024-20427 · Act-On · Act-On

Name of the Vulnerable Software and Affected Versions: Act-On version 2023 Description: The issue allows a remote attacker to execute arbitrary code via the newUser parameter in the "login.jsp" component. This enables the attacker to perform Cross Site Scripting attacks. Recommendations: For Act-...

CVE-2024-24507

Act-On (v2023) is affected by a Cross Site Scripting vulnerability in the login.jsp component, exploitable via the newUser parameter. The issue enables a remote attacker to execute arbitrary code through XSS. The vulnerability is documented across multiple sources (Act-On context; login.jsp; newU...

CVE-2024-37679

Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter...

CVE-2024-37679

Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter...

PT-2024-27713 · Finesoft · Finesoft

Name of the Vulnerable Software and Affected Versions: Finesoft versions 8.0 and before Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the "login.jsp" parameter. This enables the attacker to perform actions such as executing arbitrary code...

CVE-2023-40277

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...

CVE-2023-40277

OpenClinic GA 5.247.01 contains a reflected XSS in the login.jsp message parameter. The vulnerability affects the login flow and is documented with CVSSv3.1 base score 6.1 (MEDIUM) with Network attack vector, low attack complexity, no privileges, user interaction required, and changed scope (C/L/...